def check_response1(self, resp1_data, rB, myid):
resp1 = bdecode(resp1_data)
self.assert_(type(resp1) == DictType)
self.assert_(resp1.has_key('certA'))
self.assert_(resp1.has_key('rA'))
self.assert_(resp1.has_key('B'))
self.assert_(resp1.has_key('SA'))
# show throw exception when key no good
pubA = EC.pub_key_from_der(resp1['certA'])
rA = resp1['rA']
self.assert_(type(rA) == StringType)
self.assert_(len(rA) == random_size)
B = resp1['B']
self.assert_(type(B) == StringType)
self.assert_(B, myid)
SA = resp1['SA']
self.assert_(type(SA) == StringType)
# verify signature
sig_list = [rA, rB, myid]
sig_data = bencode(sig_list)
sig_hash = sha(sig_data).digest()
self.assert_(pubA.verify_dsa_asn1(sig_hash, SA))
# Cannot resign the data with his keypair to double check. Signing
# appears to yield different, supposedly valid sigs each time.
return resp1
def load_pub_key(pem_x509):
""" PEM形式のX.509 証明書から、ECパブリックキーを取得します"""
from M2Crypto import X509
from M2Crypto import EC
x509 = X509.load_cert_string(pem_x509)
return EC.pub_key_from_der(x509.get_pubkey().as_der())
def verify_data(message, signature, bitcoin_address, cs_pem_data=None):
if cs_pem_data is None:
# Get CS from the ACA (pem data base64 encoded)
cs_pem_data = get_cs_pem_data(bitcoin_address)
# Get CA certificates from the ACA (pem data base64 encoded)
ca_pem_data = get_ca_pem_data()
# If the data could not be obtained from the server
if type(ca_pem_data) is urllib2.URLError or type(
cs_pem_data) is urllib2.URLError:
ca_verify = cs_verify = False
else:
# Store received data in X509 structure
cs_certificate = X509.load_cert_string(cs_pem_data)
ca_certificate = X509.load_cert_string(ca_pem_data)
# Get CS public key from received data
cs_public_key = EC.pub_key_from_der(
cs_certificate.get_pubkey().as_der())
# Verify CA signature in CS certificate and CS signature in data sent
ca_verify = cs_certificate.verify(ca_certificate.get_pubkey())
cs_verify = cs_public_key.verify_dsa_asn1(message, signature)
return {'ca': ca_verify, 'cs': cs_verify}
def check_response1(self, resp1_data, rB, myid):
resp1 = bdecode(resp1_data)
self.assert_(type(resp1) == DictType)
self.assert_(resp1.has_key("certA"))
self.assert_(resp1.has_key("rA"))
self.assert_(resp1.has_key("B"))
self.assert_(resp1.has_key("SA"))
# show throw exception when key no good
pubA = EC.pub_key_from_der(resp1["certA"])
rA = resp1["rA"]
self.assert_(type(rA) == StringType)
self.assert_(len(rA) == random_size)
B = resp1["B"]
self.assert_(type(B) == StringType)
self.assert_(B, myid)
SA = resp1["SA"]
self.assert_(type(SA) == StringType)
# verify signature
sig_list = [rA, rB, myid]
sig_data = bencode(sig_list)
sig_hash = sha(sig_data).digest()
self.assert_(pubA.verify_dsa_asn1(sig_hash, SA))
# Cannot resign the data with his keypair to double check. Signing
# appears to yield different, supposedly valid sigs each time.
return resp1
def com_auth(request):
#the user HaiChiang is fixed in the database
user = User.objects.get(userName='******')
print 'LOG:Chanllenge --------------' + user.challenge
#to do
print 'LOG:com_auth -------------- from ' + getClientIp(request)
result = 0
if request.method == 'POST':
data = json.loads(request.body)
#
#processing keyhandle
#
keyhandle = urlsafe_b64decode(data['keyhandle'].encode('utf-8'))
print 'LOG:key_handle ------------- ' + keyhandle
#
#processing clientdata
#
#convert the clientdata to a dict structure
clientdata = urlsafe_b64decode(data['clientData'].encode('utf-8'))
#clientdata_dict = eval(clientdata)
print 'LOG:clientData ------------- ' + clientdata
#
#processing signature
#
signature = urlsafe_b64decode(data['signature'].encode('utf-8'))
print 'LOG:signature ------------- ' + signature
#public key
prefix = "3059301306072a8648ce3d020106082a8648ce3d030107034200".decode('hex')
tail_key = '04EC4FDC9FBDECFE8F21B178693703733C0E3A96BE41590CCF98DCFB2DA8A19BA8A3854E8B5E57D1E01AEDCA8F28B0B643BC890174A08018C34F91D0A79D064548'.decode('hex')
ec = EC.pub_key_from_der(prefix + tail_key)
#msg
app_para = ''
user_presence = ''
counter = ''
challen_para = ''
#msg = app_para + user_presence + counter + challen_para
msg = '002122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F400102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F200000000004EC4FDC9FBDECFE8F21B178693703733C0E3A96BE41590CCF98DCFB2DA8A19BA8A3854E8B5E57D1E01AEDCA8F28B0B643BC890174A08018C34F91D0A79D064548'.decode('hex')
h = sha256()
h.update(msg)
#signature
sig = '304402206613ECA917F891ABADEAB63054CE7DFE3F32268FCE7D0AF4B37C6000C9D13B2B022067E717B413597268EF28EC72EE79135EB87026DB14E64776C15CD7335D95402A'.decode('hex')
#verify
result = ec.verify_dsa_asn1(h.digest(), sig)
return HttpResponse(result)
def test_pubkey_from_der(self):
a = EC.gen_params(EC.NID_sect233k1)
a.gen_key()
b = EC.gen_params(EC.NID_sect233k1)
b.gen_key()
a_pub_der = a.pub().get_der()
a_pub = EC.pub_key_from_der(a_pub_der)
ak = a.compute_dh_key(b.pub())
bk = b.compute_dh_key(a_pub)
assert ak == bk
def __init__(self, piecelen, npieces, keypair = None, pubkeypem = None):
print >> sys.stderr, 'ECDSAAuth: npieces', npieces
Authenticator.__init__(self, piecelen, npieces)
self.contentblocksize = piecelen - self.OUR_SIGSIZE
self.keypair = keypair
if pubkeypem is not None:
self.pubkey = EC.pub_key_from_der(pubkeypem)
else:
self.pubkey = None
self.startts = None
def verify_with_pub_key(pubkey, digest, r, s):
'''Verify the given digest using ECDSA. r and s are the ECDSA signature parameters.
if verified, return 1.
'''
try:
if isinstance(pubkey, bytes):
pubkey = EC.pub_key_from_der(buffer(pubkey))
return pubkey.verify_dsa(digest, r, s)
except:
return 0
def test_pubkey_from_der(self):
a = EC.gen_params(tested_curve[0])
a.gen_key()
b = EC.gen_params(tested_curve[0])
b.gen_key()
a_pub_der = a.pub().get_der()
a_pub = EC.pub_key_from_der(a_pub_der)
ak = a.compute_dh_key(b.pub())
bk = b.compute_dh_key(a_pub)
self.assertEqual(ak, bk)
def test_pubkey_from_der(self):
a = EC.gen_params(EC.NID_sect233k1)
a.gen_key()
b = EC.gen_params(EC.NID_sect233k1)
b.gen_key()
a_pub_der = a.pub().get_der()
a_pub = EC.pub_key_from_der(a_pub_der)
ak = a.compute_dh_key(b.pub())
bk = b.compute_dh_key(a_pub)
self.assertEqual(ak, bk)
def test_pubkey_from_der(self):
a = EC.gen_params(tested_curve[0])
a.gen_key()
b = EC.gen_params(tested_curve[0])
b.gen_key()
a_pub_der = a.pub().get_der()
a_pub = EC.pub_key_from_der(a_pub_der)
ak = a.compute_dh_key(b.pub())
bk = b.compute_dh_key(a_pub)
self.assertEqual(ak, bk)
def verify_with_pub_key(pubkey, digest, r, s):
'''Verify the given digest using ECDSA. r and s are the ECDSA signature parameters.
if verified, return 1.
'''
try:
if isinstance(pubkey, bytes):
pubkey = EC.pub_key_from_der(buffer(pubkey))
return pubkey.verify_dsa(digest, r, s)
except:
return 0
def test_pubkey_from_der(self):
a = EC.gen_params(EC.NID_X9_62_prime256v1)
a.gen_key()
b = EC.gen_params(EC.NID_X9_62_prime256v1)
b.gen_key()
a_pub_der = a.pub().get_der()
a_pub = EC.pub_key_from_der(a_pub_der)
ak = a.compute_dh_key(b.pub())
bk = b.compute_dh_key(a_pub)
assert ak == bk
def __init__(self, piecelen, npieces, keypair=None, pubkeypem=None):
print >> sys.stderr, 'ECDSAAuth: npieces', npieces
Authenticator.__init__(self, piecelen, npieces)
self.contentblocksize = piecelen - self.OUR_SIGSIZE
self.keypair = keypair
if pubkeypem is not None:
self.pubkey = EC.pub_key_from_der(pubkeypem)
else:
self.pubkey = None
self.startts = None
def _validateAuthenticationSignature(self,
applicationParameter,
userPresenceByte,
counter,
challengeParameter,
publicKey,
signature
):
"""
Internal helper function to validate the authentication signature received after parsing
the token authentication response according to the U2F specification
:param applicationParameter: SHA-256 hash of the application identity.
:param userPresenceByte: The user presence byte as received in the authentication
response
:param challengeParameter: SHA-256 hash of the Client Data, a stringified JSON data
structure prepared by the FIDO Client.
:param publicKey: The user public key retrieved on parsing the registration data
:param signature: The signature to be verified as retrieved on parsing the
authentication response
"""
# add ASN1 prefix
PUB_KEY_ASN1_PREFIX = "3059301306072a8648ce3d020106082a8648ce3d030107034200".decode('hex')
publicKey = PUB_KEY_ASN1_PREFIX + publicKey
# Check for OpenSSL version 1.0.0 or higher
if not self._is_supported_openssl_version():
log.error("This version of OpenSSL is not supported! OpenSSL version 1.0.0 or higher "
"is required for the U2F token.")
raise Exception("This version of OpenSSL is not supported! OpenSSL version 1.0.0 or "
"higher is required for the U2F token.")
try:
# The following command needs support for ECDSA in OpenSSL!
# Since Red Hat systems (including Fedora) use an OpenSSL version without
# support for the NIST P-256 curve (as of March 2015), this command will fail
# with a NULL pointer exception on these systems
ECPubKey = EC.pub_key_from_der(publicKey)
except ValueError as ex:
log.error(
"Could not get ECPubKey. Possibly missing ECDSA support for the NIST P-256 "
"curve in OpenSSL? %r", ex)
raise Exception(
"Could not get ECPubKey. Possibly missing ECDSA support for the NIST P-256 "
"curve in OpenSSL? %r" % ex)
# According to the FIDO U2F specification the signature is a ECDSA signature on the
# NIST P-256 curve over the SHA256 hash of the following byte string
toBeVerified = sha256(
applicationParameter + userPresenceByte + counter + challengeParameter).digest()
if ECPubKey.verify_dsa_asn1(toBeVerified, signature) != 1:
log.debug("Signature verification failed!")
return False
return True
def _validateAuthenticationSignature(self,
applicationParameter,
userPresenceByte,
counter,
challengeParameter,
publicKey,
signature
):
"""
Internal helper function to validate the authentication signature received after parsing
the token authentication response according to the U2F specification
:param applicationParameter: SHA-256 hash of the application identity.
:param userPresenceByte: The user presence byte as received in the authentication
response
:param challengeParameter: SHA-256 hash of the Client Data, a stringified JSON data
structure prepared by the FIDO Client.
:param publicKey: The user public key retrieved on parsing the registration data
:param signature: The signature to be verified as retrieved on parsing the
authentication response
"""
# add ASN1 prefix
PUB_KEY_ASN1_PREFIX = "3059301306072a8648ce3d020106082a8648ce3d030107034200".decode('hex')
publicKey = PUB_KEY_ASN1_PREFIX + publicKey
# Check for OpenSSL version 1.0.0 or higher
if not self._is_supported_openssl_version():
log.error("This version of OpenSSL is not supported! OpenSSL version 1.0.0 or higher "
"is required for the U2F token.")
raise Exception("This version of OpenSSL is not supported! OpenSSL version 1.0.0 or "
"higher is required for the U2F token.")
try:
# The following command needs support for ECDSA in OpenSSL!
# Since Red Hat systems (including Fedora) use an OpenSSL version without
# support for the NIST P-256 curve (as of March 2015), this command will fail
# with a NULL pointer exception on these systems
ECPubKey = EC.pub_key_from_der(publicKey)
except ValueError as ex:
log.exception(
"Could not get ECPubKey. Possibly missing ECDSA support for the NIST P-256 "
"curve in OpenSSL? %r", ex)
raise Exception(
"Could not get ECPubKey. Possibly missing ECDSA support for the NIST P-256 "
"curve in OpenSSL? %r" % ex)
# According to the FIDO U2F specification the signature is a ECDSA signature on the
# NIST P-256 curve over the SHA256 hash of the following byte string
toBeVerified = sha256(
applicationParameter + userPresenceByte + counter + challengeParameter).digest()
if ECPubKey.verify_dsa_asn1(toBeVerified, signature) != 1:
log.debug("Signature verification failed!")
return False
return True
def do_verify_torrent_signature(digest,sigstr,permid):
if permid is None:
return False
try:
ecpub = EC.pub_key_from_der(permid)
if ecpub is None:
return False
intret = ecpub.verify_dsa_asn1(digest,sigstr)
return intret == 1
except Exception, e:
print >> sys.stderr,"permid: Exception in verify_torrent_signature:",str(e)
return False
def do_verify_torrent_signature(digest,sigstr,permid):
if permid is None:
return False
try:
ecpub = EC.pub_key_from_der(permid)
if ecpub is None:
return False
intret = ecpub.verify_dsa_asn1(digest,sigstr)
return intret == 1
except Exception, e:
print >> sys.stderr,time.asctime(),'-', "permid: Exception in verify_torrent_signature:",str(e)
return False
def verify_csr_signature(self):
data = chr(0x00) + self.app_param + self.chal_param + \
self.key_handle + self.pub_key
pubkey = self.certificate.get_pubkey()
# TODO: Figure out how to do this using the EVP API.
# pubkey.verify_init()
# pubkey.verify_update(data)
# if not pubkey.verify_final(self.signature) == 1:
digest = H(data)
pub_key = EC.pub_key_from_der(pubkey.as_der())
if not pub_key.verify_dsa_asn1(digest, self.signature) == 1:
raise Exception('Attestation signature verification failed!')
def verify_csr_signature(self):
data = chr(0x00) + self.app_param + self.chal_param + \
self.key_handle + self.pub_key
pubkey = self.certificate.get_pubkey()
# TODO: Figure out how to do this using the EVP API.
# pubkey.verify_init()
# pubkey.verify_update(data)
# if not pubkey.verify_final(self.signature) == 1:
digest = H(data)
pub_key = EC.pub_key_from_der(pubkey.as_der())
if not pub_key.verify_dsa_asn1(digest, self.signature) == 1:
raise Exception('Attestation signature verification failed!')
def __init__(self, piecelen, npieces, keypair=None, pubkeypem=None):
print >>sys.stderr, time.asctime(), "-", "ECDSAAuth: npieces", npieces
Authenticator.__init__(self, piecelen, npieces)
self.contentblocksize = piecelen - self.OUR_SIGSIZE
self.keypair = keypair
if pubkeypem is not None:
# print >>sys.stderr,time.asctime(),'-', "ECDSAAuth: pubkeypem",`pubkeypem`
self.pubkey = EC.pub_key_from_der(pubkeypem)
else:
self.pubkey = None
self.seqnum = 0L
def check_response2(rdata2,randomA,peeridA,randomB,peeridB):
try:
response2 = bdecode(rdata2)
except:
return None
if response2['A'] != peeridA:
return None
pubB_der = response2['certB']
pubB = EC.pub_key_from_der(pubB_der)
sigB = response2['SB']
if verify_response(randomB,randomA,peeridA,pubB,sigB):
return pubB
else:
return None
def check_response2(rdata2,randomA,peeridA,randomB,peeridB):
try:
response2 = bdecode(rdata2)
except:
return None
if response2['A'] != peeridA:
return None
pubB_der = response2['certB']
pubB = EC.pub_key_from_der(pubB_der)
sigB = response2['SB']
if verify_response(randomB,randomA,peeridA,pubB,sigB):
return pubB
else:
return None
def check_response1(rdata1,randomB,peeridB):
try:
response1 = bdecode(rdata1)
except:
return [None,None]
if response1['B'] != peeridB:
return [None,None]
pubA_der = response1['certA']
pubA = EC.pub_key_from_der(pubA_der)
sigA = response1['SA']
randomA = response1['rA']
if verify_response(randomA,randomB,peeridB,pubA,sigA):
return [randomA,pubA]
else:
return [None,None]
def check_response1(rdata1,randomB,peeridB):
try:
response1 = bdecode(rdata1)
except:
return [None,None]
if response1['B'] != peeridB:
return [None,None]
pubA_der = response1['certA']
pubA = EC.pub_key_from_der(pubA_der)
sigA = response1['SA']
randomA = response1['rA']
if verify_response(randomA,randomB,peeridB,pubA,sigA):
return [randomA,pubA]
else:
return [None,None]
def check_response2(self,resp2_data,rA,rB,myid):
resp2 = bdecode(resp2_data)
self.testcase.assert_(type(resp2) == DictType)
self.testcase.assert_(resp2.has_key('certB'))
self.testcase.assert_(resp2.has_key('A'))
self.testcase.assert_(resp2.has_key('SB'))
# show throw exception when key no good
pubB = EC.pub_key_from_der(resp2['certB'])
A = resp2['A']
self.testcase.assert_(type(A) == StringType)
self.testcase.assert_(A,myid)
SB = resp2['SB']
self.testcase.assert_(type(SB) == StringType)
# verify signature
sig_list = [rB,rA,myid]
sig_data = bencode(sig_list)
sig_hash = sha(sig_data).digest()
self.testcase.assert_(pubB.verify_dsa_asn1(sig_hash,SB))
def check_response2(self, resp2_data, rA, rB, myid):
resp2 = bdecode(resp2_data)
self.testcase.assert_(type(resp2) == DictType)
self.testcase.assert_(resp2.has_key('certB'))
self.testcase.assert_(resp2.has_key('A'))
self.testcase.assert_(resp2.has_key('SB'))
# show throw exception when key no good
pubB = EC.pub_key_from_der(resp2['certB'])
A = resp2['A']
self.testcase.assert_(type(A) == StringType)
self.testcase.assert_(A, myid)
SB = resp2['SB']
self.testcase.assert_(type(SB) == StringType)
# verify signature
sig_list = [rB, rA, myid]
sig_data = bencode(sig_list)
sig_hash = sha(sig_data).digest()
self.testcase.assert_(pubB.verify_dsa_asn1(sig_hash, SB))
def verify_data(message, signature, bitcoin_address, cs_pem_data=None):
if cs_pem_data is None:
# Get CS from the ACA (pem data base64 encoded)
cs_pem_data = get_cs_pem_data(bitcoin_address)
# Get CA certificates from the ACA (pem data base64 encoded)
ca_pem_data = get_ca_pem_data()
# If the data could not be obtained from the server
if type(ca_pem_data) is urllib2.URLError or type(cs_pem_data) is urllib2.URLError:
ca_verify = cs_verify = False
else:
# Store received data in X509 structure
cs_certificate = X509.load_cert_string(cs_pem_data)
ca_certificate = X509.load_cert_string(ca_pem_data)
# Get CS public key from received data
cs_public_key = EC.pub_key_from_der(cs_certificate.get_pubkey().as_der())
# Verify CA signature in CS certificate and CS signature in data sent
ca_verify = cs_certificate.verify(ca_certificate.get_pubkey())
cs_verify = cs_public_key.verify_dsa_asn1(message, signature)
return {'ca': ca_verify, 'cs': cs_verify}
def save_pub_key(pubkey, dest):
pubk = EC.pub_key_from_der(buffer(pubkey))
pubk.save_pub_key(dest)
def verify_data(plaintext,permid,blob):
pubkey = EC.pub_key_from_der(permid)
digest = sha(plaintext).digest()
return pubkey.verify_dsa_asn1(digest,blob)
def save_pub_key(pubkey, dest):
pubk = EC.pub_key_from_der(buffer(pubkey))
pubk.save_pub_key(dest)
def get_dh_key(self, otherKey):
pk = EC.pub_key_from_der(buffer(otherKey))
return self.ec.compute_dh_key(pk)
def active_auth(dg15: bytes, sm_object: SMObject, security_infos: List[bytes]):
"""
Do active authentication with DG15
"""
# Generate 8 random bytes
rnd_ifd = urandom(8)
# exception caught in main program loop
data = send(
sm_object,
APDU(b"\x00",
b"\x88",
b"\x00",
b"\x00",
Lc=b"\x08",
cdata=rnd_ifd,
Le=b"\x00"))
if data == b"":
raise ActiveAuthenticationError("[-] No reply from card.")
i = asn1_node_root(dg15)
i = asn1_node_first_child(dg15, i)
pub_key = asn1_get_all(dg15, i)
i = asn1_node_first_child(dg15, i)
i = asn1_node_first_child(dg15, i)
if asn1_get_all(dg15, i) == encode_oid_string("1.2.840.10045.2.1"): # ECC
r = data[:len(data) // 2]
s = data[len(data) // 2:]
signature = asn1_sequence(asn1_integer(r) + asn1_integer(s))
ec_pub = EC.pub_key_from_der(pub_key)
if ec_pub.check_key() != 1:
raise ActiveAuthenticationError(
"[-] Active Authentication (AA) failed! Problem in EC Public Key!"
)
try:
hash_type = find_hash_name(security_infos)
except ValueError as ex:
raise ActiveAuthenticationError(
"[-] Active Authentication (AA) failed! Problem in Security Infos hash type!"
) from ex
# for hash_type in ["sha224", "sha256", "sha384", "sha512"]:
try:
result = ec_pub.verify_dsa_asn1(
hashlib.new(hash_type, rnd_ifd).digest(), signature)
except EC.ECError as ex:
print("[-] Error in EC function " + ex)
raise ActiveAuthenticationError(
"[-] Error in verify_dsa_asn1 of M2Crypto.EC") from ex
if result == 1:
print("[+] Active Authentication (AA) completed successfully!")
else:
raise ActiveAuthenticationError(
"[-] Active Authentication (AA) failed!")
elif asn1_get_all(dg15,
i) == encode_oid_string("1.2.840.113549.1.1.1"): # RSA
j = asn1_node_root(pub_key)
j = asn1_node_first_child(pub_key, j)
j = asn1_node_next(pub_key, j)
rsa_pub_key = asn1_get_value_of_type(pub_key, j, "BIT STRING")
if rsa_pub_key[0] != 0x00:
raise ActiveAuthenticationError(
"[-] An issue with the RSA key! Padding 0x00 is expected")
rsa_pub_key = rsa_pub_key[1:]
j = asn1_node_root(rsa_pub_key)
j = asn1_node_first_child(rsa_pub_key, j)
n_der = asn1_get_value_of_type(rsa_pub_key, j, "INTEGER")
j = asn1_node_next(rsa_pub_key, j)
e_der = asn1_get_value_of_type(rsa_pub_key, j, "INTEGER")
n = int.from_bytes(n_der, byteorder="big")
e = int.from_bytes(e_der, byteorder="big")
# rsa_key = RSA.import_key(pub_key)
# https://stackoverflow.com/a/60132608/6077951
msg = int.from_bytes(data, byteorder="big")
dec = pow(msg, e, n).to_bytes(len(data), byteorder="big")
if dec[-1] == 0xCC:
if dec[-2] == 0x38:
hash_alg = "sha224"
elif dec[-2] == 0x34:
hash_alg = "sha256"
elif dec[-2] == 0x36:
hash_alg = "sha384"
elif dec[-2] == 0x35:
hash_alg = "sha512"
t = 2
elif dec[-1] == 0xBC:
hash_alg = "sha1"
t = 1
else:
raise ActiveAuthenticationError(
"[-] Error while Active Authentication!")
def compare_aa(hash_object):
# k = rsa_key.size_in_bits()
# Lh = hash_object.digest_size * 8
# Lm1 = (k - Lh - (8 * t) - 4 - 4) // 8
D = dec[-hash_object.digest_size - t:-t]
M1 = dec[1:-hash_object.digest_size - t]
Mstar = M1 + rnd_ifd
hash_object.update(Mstar)
Dstar = hash_object.digest()
return hmac.compare_digest(D, Dstar)
hash_object = hashlib.new(hash_alg)
if compare_aa(hash_object):
print("[+] Active Authentication (AA) completed successfully!")
else:
raise ActiveAuthenticationError(
"[-] Active Authentication (AA) failed!")
def pub_key_from_der(der):
return EC.pub_key_from_der(PUB_KEY_DER_PREFIX + der)
def verify_data(plaintext, permid, blob):
pubkey = EC.pub_key_from_der(permid)
digest = sha(plaintext).digest()
return pubkey.verify_dsa_asn1(digest, blob)
from M2Crypto import EC, EVP, BIO
import binascii, sys, cryptimage
from pydmtx import DataMatrix
from PIL import Image
debug=0
#read in the data from the image
dm_read = DataMatrix(scheme=DataMatrix.DmtxSchemeBase256)
img = Image.open("dm.png")
data = dm_read.decode(img.size[0],img.size[1],img.tostring())
#extract public key and encrypted message
ephpub, ciphertext = cryptimage.parse_input(data)
ephemeral = EC.pub_key_from_der(cryptimage.build_asn1(ephpub))
if debug: sys.stderr.write("ct = %s\n" % binascii.b2a_hex(ciphertext))
ecpairpem = """-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIH8TNBOfV+JWVBr25KfjJ1007paZ/JnrvjxFzZThUgSToAoGCCqGSM49
AwEHoUQDQgAEtv1eCFuapm3ku1AdTt5eK1IVaAzH2MBQqreo3FBSE8EHxCsEGRvK
auFV+AgDEQotZbdqzAojRoCjuhZcYP73Pg==
-----END EC PRIVATE KEY-----
"""
#derive shared key
ecbio = BIO.MemoryBuffer()
ecbio.write(ecpairpem)
ecpair = EC.load_key_bio(ecbio)
ecder = ecpair.pub().get_der()
ecpub = cryptimage.compress_key(cryptimage.strip_asn1(ecder))
from M2Crypto import EC, EVP
import binascii, sys, cryptimage
from pydmtx import DataMatrix
debug=0
ecpubkey = binascii.a2b_hex('02b6fd5e085b9aa66de4bb501d4ede5e2b5215680cc7d8c050aab7a8dc505213c1')
ecder = cryptimage.build_asn1(ecpubkey)
ecpub = EC.pub_key_from_der(ecder)
digest = EVP.MessageDigest("sha1")
digest.update(cryptimage.compress_key(ecpubkey))
fingerprint = digest.digest()
# NID_X9_62_prime256v1
ephemeral = EC.gen_params(EC.NID_X9_62_prime256v1)
ephemeral.gen_key()
ephpub=cryptimage.strip_asn1(ephemeral.pub().get_der())
ephpub=cryptimage.compress_key(ephpub)
shared = ephemeral.compute_dh_key(ecpub.pub())
#strip second half of key which is y cordinates and can be derived from first half
dk=cryptimage.KDF(shared[:len(shared)/2],128,fingerprint)
if debug: sys.stderr.write("dk = %s\n" % binascii.b2a_hex(dk))
account="2000111122223333"
amount="1500050"
pin="7654"
data=cryptimage.dataencode(account,amount,pin)
def get_dh_key(self, otherKey):
pk = EC.pub_key_from_der(buffer(otherKey))
return self.ec.compute_dh_key(pk)
def pub_key_from_der(der):
return EC.pub_key_from_der(PUB_KEY_DER_PREFIX + der)
#!/usr/bin/env python
# coding=utf-8
from M2Crypto import EC
from hashlib import sha256
prefix = "3059301306072a8648ce3d020106082a8648ce3d030107034200".decode('hex')
tail_key = '04EC4FDC9FBDECFE8F21B178693703733C0E3A96BE41590CCF98DCFB2DA8A19BA8A3854E8B5E57D1E01AEDCA8F28B0B643BC890174A08018C34F91D0A79D064548'.decode('hex')
ec = EC.pub_key_from_der(prefix + tail_key)
msg = '002122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F400102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F200000000004EC4FDC9FBDECFE8F21B178693703733C0E3A96BE41590CCF98DCFB2DA8A19BA8A3854E8B5E57D1E01AEDCA8F28B0B643BC890174A08018C34F91D0A79D064548'.decode('hex')
sig = '304402206613ECA917F891ABADEAB63054CE7DFE3F32268FCE7D0AF4B37C6000C9D13B2B022067E717B413597268EF28EC72EE79135EB87026DB14E64776C15CD7335D95402A'.decode('hex')
h = sha256()
h.update(msg)
result = ec.verify_dsa_asn1(h.digest(), sig)
print result
